exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2025-48383

23 дня назад

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data. This issue has been patched in version 8.4.1.

CVSS3: 8.2

EPSS: Низкий

CVE-2025-48383

23 дня назад

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data. This issue has been patched in version 8.4.1.

CVSS3: 8.2

EPSS: Низкий

CVE-2025-48383

23 дня назад

Django-Select2 is a Django integration for Select2. Prior to version 8 ...

CVSS3: 8.2

EPSS: Низкий

GHSA-wjrh-hj83-3wh7

23 дня назад

Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking

CVSS3: 8.2

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-48383 Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data. This issue has been patched in version 8.4.1.	CVSS3: 8.2	0% Низкий	23 дня назад
CVE-2025-48383 Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data. This issue has been patched in version 8.4.1.	CVSS3: 8.2	0% Низкий	23 дня назад
CVE-2025-48383 Django-Select2 is a Django integration for Select2. Prior to version 8 ...	CVSS3: 8.2	0% Низкий	23 дня назад
GHSA-wjrh-hj83-3wh7 Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking	CVSS3: 8.2	0% Низкий	23 дня назад

Уязвимостей на страницу